﻿using System;
using System.Collections;
using System.Configuration;
using System.Data;
using System.Linq;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.HtmlControls;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Xml.Linq;
using System.Data.SqlClient;


public partial class ajax_addcatalog : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {
        if (Session["id_user"] != null && Session["permission"] != null
            && (((int)Session["permission"]) >=2))
        {
            int projectId = 0;
            try
            {
                projectId = Int32.Parse(Request["projectId"]);
            }
            catch
            {
                projectId = 0;
            }
            if (projectId <= 0)
            {
                Response.Write("FAIL");
                return;
            }

            #region check current user can or can't access to current project
            // if not, response FAIL
            SqlParameter[] listParams = new SqlParameter[3];
            //-- param 1: @userId
            int id = Int32.Parse(Session["id_user"].ToString());
            SqlParameter param = new SqlParameter("@userId", id);
            param.SqlDbType = SqlDbType.Int;
            param.Direction = ParameterDirection.Input;
            listParams[0] = param;

            //-- param 2: @projectId
            param = new SqlParameter("@projectId", projectId);
            param.SqlDbType = SqlDbType.Int;
            param.Direction = ParameterDirection.Input;
            listParams[1] = param;

            //-- param 3: @isAccess
            param = new SqlParameter();
            param.ParameterName = "@isAccess";
            param.SqlDbType = SqlDbType.Int;
            param.Direction = ParameterDirection.Output;
            listParams[2] = param;

            dal.ExecuteSP("proCheckAccessProject_GET", listParams);
            int enable = Int32.Parse(listParams[2].Value.ToString());
            if (enable == 0)    // enable is false
            {
                Response.Write("FAIL");
                return;
            }
            #endregion
            
            #region check user is enable to add/edit catalog to project
            if (((int)Session["permission"]) >= 4)
            {
                string sql1 = " SELECT permission FROM UserProject " +
                      " WHERE userId=" + comm.to_sql(id.ToString(), "number") +
                      " AND projectId=" + comm.to_sql(projectId.ToString(), "number");
                DataTable dtTable1 = dal.SelectTable(sql1);
                if (dtTable1.Rows.Count == 1)
                {
                    int permission = Int32.Parse(dtTable1.Rows[0]["permission"].ToString());
                    if (permission >= 5)
                        throw new Exception("FAIL");
                }
                else
                    throw new Exception("FAIL");
            }
            #endregion

            string name_catalog = comm.StandardString(Request["name"]);
            string des_catalog = comm.to_sql(comm.StandardString(Request["des"]),"string");
            if (name_catalog.Length == 0)
            {
                Response.Write("FAIL");
                return;
            }
            name_catalog = comm.to_sql(name_catalog,"string");
            string priority_catalog = Request["priority"];
            try
            {
                int pri = Int32.Parse(priority_catalog);
                if (pri <= 0)
                    throw new Exception();
                priority_catalog = comm.to_sql(priority_catalog, "number");
            }
            catch
            {
                priority_catalog = comm.to_sql("1", "number");
            }

            // check if catalog is exist
            string sql = "SELECT id FROM [catalog] " +
                         " WHERE LOWER(name)=LOWER(" + name_catalog +
                         ") AND projectId=" + comm.to_sql(projectId.ToString(),"number") ;
            DataTable dtTable = dal.SelectTable(sql);
            if (dtTable.Rows.Count == 1)
            {
                Response.Write("DUPLICATE");
                return;
            }
            else if (dtTable.Rows.Count > 1)
            {
                Response.Write("FAIL");
                return;
            }

            // add catalog
            sql = "INSERT INTO [catalog](name,projectId,createdby,completepercent,priority,description) " +
                   " Values( "+ name_catalog+","+comm.to_sql(projectId.ToString(),"number")+"," + 
                    comm.to_sql(id.ToString(),"number")+",0," +priority_catalog+","+des_catalog +")";
            if (dal.Execute(sql) == 1)
            {
                Response.Write("OK");
                return;
            }
            else
            {
                Response.Write("FAIL");
                return;
            }
        }
    }
}
